CVE-2023-37378
https://notcve.org/view.php?id=CVE-2023-37378
Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory. • http://sf.net/p/nsis/bugs/1296 https://github.com/kichik/nsis/commit/281e2851fe669d10e0650fc89d0e7fb74a598967 https://github.com/kichik/nsis/commit/409b5841479c44fbf33a6ba97c1146e46f965467 https://github.com/kichik/nsis/commit/c40cf78994e74a1a3a381a850c996b251e3277c0 https://lists.debian.org/debian-lts-announce/2023/07/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A65FBUMHLZ7GBV3VDKUB5EK3A7X2UUWK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org& •
CVE-2015-9267
https://notcve.org/view.php?id=CVE-2015-9267
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program. • http://jvn.jp/en/jp/JVN68418039/index.html https://lists.debian.org/debian-lts-announce/2018/11/msg00041.html https://sourceforge.net/p/nsis/bugs/1125 • CWE-269: Improper Privilege Management •
CVE-2015-9268
https://notcve.org/view.php?id=CVE-2015-9268
Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime. • http://jvn.jp/en/jp/JVN68418039/index.html https://lists.debian.org/debian-lts-announce/2018/11/msg00041.html https://sourceforge.net/p/nsis/bugs/1125 • CWE-20: Improper Input Validation •
CVE-2014-3442 – Winamp - '.flv' File Processing Memory Corruption
https://notcve.org/view.php?id=CVE-2014-3442
Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s. WinAMP versions 5.666 build 3516 and below suffer from a memory corruption vulnerability. • https://www.exploit-db.com/exploits/39180 http://packetstormsecurity.com/files/126636 http://www.securityfocus.com/bid/67429 https://exchange.xforce.ibmcloud.com/vulnerabilities/93173 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-4694 – Winamp 5.63 - Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-4694
Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk. • https://www.exploit-db.com/exploits/26558 https://www.exploit-db.com/exploits/27874 http://forums.winamp.com/showthread.php?t=364291 http://osvdb.org/94739 http://osvdb.org/94740 http://packetstormsecurity.com/files/122239/WinAmp-5.63-Buffer-Overflow.html http://packetstormsecurity.com/files/122978 http://seclists.org/fulldisclosure/2013/Jul/4 http://www.exploit-db.com/exploits/26558 http://www.securityfocus.com/bid/60883 http://www.securitytracker.com/id/1030107 https: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •